Commit Graph

43815 Commits

Author SHA1 Message Date
R David Murray 9e27eda325 #14984: only import pwd on POSIX. 2013-09-18 08:49:25 -04:00
R David Murray 137b572d55 Add versionchanged for #14984, remove extra blank from string. 2013-09-17 20:08:09 -04:00
R David Murray 4189b67a66 #14984: On POSIX, enforce permissions when reading default .netrc.
Initial patch by Bruno Piguet.

This is implemented as if a useful .netrc file could exist without passwords,
which is possible in the general case; but in fact our netrc implementation
does not support it.  Fixing that issue will be an enhancement.
2013-09-16 13:48:44 -04:00
Andrew Kuchling 503baf9ecd #16042: CVE-2013-1752: Limit amount of data read by limiting the call to readline().
The SSLFakeFile.readline() method needs to support limiting readline() as
well.  It's not a full emulation of readline()'s signature, but this class
is only used by smtplib's code, so it doesn't have to be.

Modified version of original patch by Christian Heimes.
2013-09-15 13:11:47 -04:00
Christian Heimes ed9884b2d0 Issue #18709: GCC 4.6 complains that 'v' may be used uninitialized in GEN_EMAIL/GEN_URI/GEN_DNS case 2013-09-05 16:04:35 +02:00
Christian Heimes bde2985f1d Python 2.6's ssl module has neither OPENSSL_VERSION_INFO nor _OPENSSL_API_VERSION 2013-09-03 14:47:00 +02:00
Christian Heimes 8f65ef8853 Issue #18709: Fix issue with IPv6 address in subjectAltName on Mac OS X Tiger 2013-08-25 14:12:41 +02:00
Barry Warsaw 82f8828317 - Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
inside subjectAltName correctly. Formerly the module has used OpenSSL's
  GENERAL_NAME_print() function to get the string representation of ASN.1
  strings for `rfc822Name` (email), `dNSName` (DNS) and
  `uniformResourceIdentifier` (URI).
2013-08-23 13:26:49 -04:00
Barry Warsaw f880e5d5ea Fix UnboundLocalError regression due to previous incorrect fix for
issue 16248.
2013-08-20 20:35:20 -04:00
Barry Warsaw f25d95732c - Issue #16248: Disable code execution from the user's home directory by
tkinter when the -E flag is passed to Python.  Patch by Zachary Ware.
2013-02-20 18:19:55 -05:00
Georg Brandl 55f23c4233 #8040: port versionswitcher patch to 2.6. 2012-10-28 08:04:38 +01:00
Barry Warsaw cca96f09d3 Post release twiddle. 2012-04-10 14:50:39 -04:00
Barry Warsaw 27509ce8d9 Added tag v2.6.8 for changeset c9910fd022fc 2012-04-10 11:18:47 -04:00
Barry Warsaw a12d0ccfbe Bump to 2.6.8 2012-04-10 10:59:35 -04:00
Barry Warsaw 75076b4971 update docs 2012-04-10 10:56:26 -04:00
Georg Brandl 222ac8c98f Remove duplicate hgtags entries for 2.6.8rc{1,2}. 2012-03-18 07:31:17 +01:00
Barry Warsaw 9636e462d8 Added tag v2.6.8rc2 for changeset bd9e1a02e3e3 2012-03-17 18:34:05 -04:00
Barry Warsaw b1abc08a29 Added tag v2.6.8rc2 for changeset 1d1b7b9fad48 2012-03-17 18:19:42 -04:00
Barry Warsaw bd371a4cbb Bump to 2.6.8rc2 2012-03-17 18:19:15 -04:00
Barry Warsaw 2875b5b294 Update Docs and NEWS for 2.6.8rc2. 2012-03-17 18:16:58 -04:00
Barry Warsaw e9bc2f773f - Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
table internal to the pyexpat module's copy of the expat library to avoid a
  denial of service due to hash collisions.  Patch by David Malcolm with some
  modifications by the expat project.
2012-03-14 17:10:41 -07:00
Barry Warsaw 6707826c66 Added tag v2.6.8rc1 for changeset 5356b6c7fd66 2012-02-23 11:10:31 -05:00
Barry Warsaw 2593eac34e Added tag v2.6.8rc1 for changeset caab08cd2b3e 2012-02-23 10:59:50 -05:00
Barry Warsaw 74f4bd53e0 Bump some more copyright years (as per PEP 101), since this is the first
release of 2.6 for 2012.
2012-02-23 10:59:38 -05:00
Barry Warsaw 1fbc16d050 Bump to version 2.6.8rc1. 2012-02-23 10:55:57 -05:00
Barry Warsaw b383e806b6 Back port from 2.7:
http://hg.python.org/cpython/rev/48705250232c
    changeset:   75187:48705250232c
    branch:      2.7
    parent:      75184:9a1d902714ae
    user:        Antoine Pitrou <solipsis@pitrou.net>
    date:        Wed Feb 22 22:16:25 2012 +0100
2012-02-22 17:26:50 -05:00
Barry Warsaw 56fd6617b5 Backport from 2.7:
changeset:   75153:9b7c6dd19e25
    branch:      2.7
    parent:      75151:b1a02c17b327
    user:        Antoine Pitrou <solipsis@pitrou.net>
    date:        Tue Feb 21 22:02:04 2012 +0100
    files:       Lib/test/test_os.py
2012-02-22 13:50:04 -05:00
Barry Warsaw 6a9005b4eb Backport from 2.7 branch.
changeset:   75165:780008020c40
    user:        Antoine Pitrou <solipsis@pitrou.net>
    date:        Wed Feb 22 03:33:56 2012 +0100
    summary:     Fix (presumably) test_hash under big-endian systems (PPC).
2012-02-22 13:34:18 -05:00
Georg Brandl 3aec568e6e Remove reST markup from --help output. Also: O(n**2) is dict construction, not single insertion. 2012-02-21 22:36:27 +01:00
Benjamin Peterson 4e171d12da don't need this hack anymore 2012-02-21 15:08:51 -05:00
Antoine Pitrou 776af4002b Fix crash at startup with -W options. 2012-02-21 20:42:48 +01:00
Benjamin Peterson 876e789f65 merge heads 2012-02-21 11:23:21 -05:00
Barry Warsaw 8757cad394 Backport fix from default branch for ./python -R -Wd where hash('d') would not
have gotten randomized.
2012-02-21 11:16:06 -05:00
Benjamin Peterson 26da920001 ensure no one tries to hash things before the random seed is found 2012-02-21 11:08:50 -05:00
Barry Warsaw b69fa1f8b7 Let's sort the keys so that this test passes even with random hashes. 2012-02-21 10:22:34 -05:00
Barry Warsaw b19fb2462e Whitespace normalization 2012-02-20 20:44:15 -05:00
Barry Warsaw 1e13eb084f - Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
environment variable, to provide an opt-in way to protect against denial of
  service attacks due to hash collisions within the dict and set types.  Patch
  by David Malcolm, based on work by Victor Stinner.
2012-02-20 20:42:21 -05:00
Barry Warsaw f5a5beb339 Back port Python 2.7 fix for test_invalid_redirect() in test_urllib.py. 2012-02-20 14:43:22 -05:00
Charles-François Natali 66f3cc6f8d Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
upon malformed POST request.
2012-02-18 14:15:38 +01:00
Antoine Pitrou d358e0554b Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure. 2012-01-27 09:42:45 +01:00
Martin v. Löwis 141e770e8f merge closing of 2.5 branch 2011-10-31 12:39:25 +01:00
Martin v. Löwis e5b9bff214 2.5 is no longer maintained 2011-10-31 12:38:50 +01:00
Éric Araujo 345fff3de8 Remove mentions of previous license in profile module (#12417 followup) 2011-07-28 22:27:28 +02:00
Benjamin Peterson 5ac56d275d fix ws 2011-06-28 21:57:21 -05:00
Benjamin Peterson 1105f34a2b update profile license (closes #12417) 2011-06-27 09:14:34 -05:00
Barry Warsaw d0366e862a Replay svn r88852. 2011-06-03 20:05:48 -04:00
Barry Warsaw 16ec24a192 Replay svn r88850. 2011-06-03 20:02:47 -04:00
Martin v. Löwis 9c53584ebd Nearly null-merge 2.5.6 2011-05-28 14:13:32 +02:00
Martin v. Löwis 228516c3f8 merge 2.5.6c1 tag 2011-05-28 14:06:55 +02:00
Martin v. Löwis dcdf0320c0 Added tag v2.5.6c1 for changeset a87c7b96672b 2011-05-28 14:05:31 +02:00